poc

elastic · Jun 24, 2020 · 6fb6e66 · 6fb6e66
1 parent 5e3798c
commit 6fb6e66
Show file tree

Hide file tree

Showing 87 changed files with 1,704 additions and 554 deletions.
diff --git a/src/core/server/capabilities/merge_capabilities.ts b/src/core/server/capabilities/merge_capabilities.ts
@@ -21,7 +21,7 @@ import { merge } from 'lodash';
 import { Capabilities } from './types';
 
 export const mergeCapabilities = (...sources: Array<Partial<Capabilities>>): Capabilities =>
- merge({}, ...sources, (a: any, b: any) => {
+ merge({}, ...sources, (a: any, b: any, key: any) => {
  if (
  (typeof a === 'boolean' && typeof b === 'object') ||
  (typeof a === 'object' && typeof b === 'boolean')
@@ -32,4 +32,9 @@ export const mergeCapabilities = (...sources: Array<Partial<Capabilities>>): Cap
  if (typeof a === 'boolean' && typeof b === 'boolean' && a !== b) {
  throw new Error(`conflict trying to merge booleans with different values`);
  }
+
+ // if (typeof a === 'object' && typeof b === 'object' && key === 'management') {
+ // console.log('INSIDE MANAGEMENT FOR MERGING');
+ // return merge({}, a, b);
+ // }
  });
diff --git a/x-pack/plugins/apm/server/plugin.ts b/x-pack/plugins/apm/server/plugin.ts
@@ -129,7 +129,7 @@ export class APMPlugin implements Plugin<APMPluginSetup> {
  };
  });
 
- plugins.features.registerFeature(APM_FEATURE);
+ plugins.features.registerKibanaFeature(APM_FEATURE);
  plugins.licensing.featureUsage.register(
  APM_SERVICE_MAPS_FEATURE_NAME,
  APM_SERVICE_MAPS_LICENSE_TYPE

diff --git a/x-pack/plugins/beats_management/kibana.json b/x-pack/plugins/beats_management/kibana.json
@@ -7,7 +7,8 @@
  "requiredPlugins": [
  "data",
  "licensing",
- "management"
+ "management",
+ "features"
  ],
  "optionalPlugins": [
  "security"

diff --git a/x-pack/plugins/beats_management/server/plugin.ts b/x-pack/plugins/beats_management/server/plugin.ts
@@ -10,12 +10,14 @@ import {
  Plugin,
  PluginInitializerContext,
 } from '../../../../src/core/server';
+import { PluginSetupContract as FeaturesPluginSetup } from '../../features/server';
 import { SecurityPluginSetup } from '../../security/server';
 import { LicensingPluginStart } from '../../licensing/server';
 import { BeatsManagementConfigType } from '../common';
 
 interface SetupDeps {
  security?: SecurityPluginSetup;
+ features: FeaturesPluginSetup;
 }
 
 interface StartDeps {
@@ -30,6 +32,35 @@ export class BeatsManagementPlugin implements Plugin<{}, {}, SetupDeps, StartDep
  public async setup(core: CoreSetup<StartDeps>, plugins: SetupDeps) {
  this.initializerContext.config.create();
 
+ plugins.features.registerElasticsearchFeature({
+ id: 'beats_management',
+ management: {
+ ingest: ['beats_management'],
+ },
+ privileges: {
+ all: {
+ ui: [],
+ management: {
+ ingest: ['beats_management'],
+ },
+ requiredClusterPrivileges: [],
+ requiredIndexPrivileges: {
+ ['.management-beats']: ['all'],
+ },
+ },
+ read: {
+ ui: [],
+ management: {
+ ingest: ['beats_management'],
+ },
+ requiredClusterPrivileges: [],
+ requiredIndexPrivileges: {
+ ['.management-beats']: ['all'],
+ },
+ },
+ },
+ });
+
  return {};
  }
 

diff --git a/x-pack/plugins/canvas/server/plugin.ts b/x-pack/plugins/canvas/server/plugin.ts
@@ -33,7 +33,7 @@ export class CanvasPlugin implements Plugin {
  coreSetup.savedObjects.registerType(customElementType);
  coreSetup.savedObjects.registerType(workpadType);
 
- plugins.features.registerFeature({
+ plugins.features.registerKibanaFeature({
  id: 'canvas',
  name: 'Canvas',
  order: 400,

diff --git a/x-pack/plugins/cross_cluster_replication/kibana.json b/x-pack/plugins/cross_cluster_replication/kibana.json
@@ -8,7 +8,8 @@
  "licensing",
  "management",
  "remoteClusters",
- "indexManagement"
+ "indexManagement",
+ "features"
  ],
  "optionalPlugins": [
  "usageCollection"

diff --git a/x-pack/plugins/cross_cluster_replication/server/plugin.ts b/x-pack/plugins/cross_cluster_replication/server/plugin.ts
@@ -87,7 +87,7 @@ export class CrossClusterReplicationServerPlugin implements Plugin<void, void, a
 
  setup(
  { http, getStartServices }: CoreSetup,
- { licensing, indexManagement, remoteClusters }: Dependencies
+ { features, licensing, indexManagement, remoteClusters }: Dependencies
  ) {
  this.config$
  .pipe(first())
@@ -124,6 +124,23 @@ export class CrossClusterReplicationServerPlugin implements Plugin<void, void, a
  }
  );
 
+ features.registerElasticsearchFeature({
+ id: 'cross_cluster_replication',
+ management: {
+ data: ['cross_cluster_replication'],
+ },
+ privileges: {
+ all: {
+ requiredClusterPrivileges: ['manage', 'manage_ccr'],
+ ui: [],
+ },
+ read: {
+ requiredClusterPrivileges: ['manage', 'manage_ccr'],
+ ui: [],
+ },
+ },
+ });
+
  http.registerRouteHandlerContext('crossClusterReplication', async (ctx, request) => {
  this.ccrEsClient = this.ccrEsClient ?? (await getCustomEsClient(getStartServices));
  return {

diff --git a/x-pack/plugins/cross_cluster_replication/server/types.ts b/x-pack/plugins/cross_cluster_replication/server/types.ts
@@ -5,6 +5,7 @@
  */
 
 import { IRouter } from 'src/core/server';
+import { PluginSetupContract as FeaturesPluginSetup } from '../../features/server';
 import { LicensingPluginSetup } from '../../licensing/server';
 import { IndexManagementPluginSetup } from '../../index_management/server';
 import { RemoteClustersPluginSetup } from '../../remote_clusters/server';
@@ -16,6 +17,7 @@ export interface Dependencies {
  licensing: LicensingPluginSetup;
  indexManagement: IndexManagementPluginSetup;
  remoteClusters: RemoteClustersPluginSetup;
+ features: FeaturesPluginSetup;
 }
 
 export interface RouteDependencies {

diff --git a/x-pack/plugins/features/common/es_feature.ts b/x-pack/plugins/features/common/es_feature.ts
@@ -0,0 +1,97 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { RecursiveReadonly } from '@kbn/utility-types';
+import { FeatureElasticsearchPrivileges } from './feature_elasticsearch_privileges';
+
+/**
+ * Interface for registering an Elasticsearch feature.
+ * Feature registration allows plugins to hide their applications based
+ * on configured cluster privileges.
+ */
+export interface ElasticsearchFeatureConfig {
+ /**
+ * Unique identifier for this feature.
+ * This identifier is also used when generating UI Capabilities.
+ *
+ * @see UICapabilities
+ */
+ id: string;
+
+ /**
+ * Optional array of supported licenses.
+ * If omitted, all licenses are allowed.
+ * This does not restrict access to your feature based on license.
+ * Its only purpose is to inform the space and roles UIs on which features to display.
+ */
+ validLicenses?: Array<'basic' | 'standard' | 'gold' | 'platinum' | 'enterprise' | 'trial'>;
+
+ /**
+ * Management sections associated with this feature.
+ *
+ * @example
+ * ```ts
+ * // Enables access to the "Advanced Settings" management page within the Kibana section
+ * management: {
+ * kibana: ['settings']
+ * }
+ * ```
+ */
+ management?: {
+ [sectionId: string]: string[];
+ };
+
+ /**
+ * If this feature includes a catalogue entry, you can specify them here to control visibility based on the current space.
+ *
+ */
+ catalogue?: string[];
+
+ /**
+ * Feature privilege definition.
+ *
+ * @example
+ * ```ts
+ * {
+ * all: {...},
+ * read: {...}
+ * }
+ * ```
+ * @see FeatureElasticsearchPrivileges
+ */
+ privileges: {
+ all: FeatureElasticsearchPrivileges;
+ read: FeatureElasticsearchPrivileges;
+ };
+}
+
+export class ElasticsearchFeature {
+ constructor(protected readonly config: RecursiveReadonly<ElasticsearchFeatureConfig>) {}
+
+ public get id() {
+ return this.config.id;
+ }
+
+ public get catalogue() {
+ return this.config.catalogue;
+ }
+
+ public get management() {
+ return this.config.management;
+ }
+
+ public get validLicenses() {
+ return this.config.validLicenses;
+ }
+
+ public get privileges() {
+ return this.config.privileges;
+ }
+
+ public toRaw() {
+ return { ...this.config } as ElasticsearchFeatureConfig;
+ }
+}
diff --git a/x-pack/plugins/features/common/feature_elasticsearch_privileges.ts b/x-pack/plugins/features/common/feature_elasticsearch_privileges.ts
@@ -0,0 +1,41 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+/**
+ * Elasticsearch Feature privilege definition
+ */
+export interface FeatureElasticsearchPrivileges {
+ requiredClusterPrivileges: string[];
+ requiredIndexPrivileges?: {
+ [indexName: string]: string[];
+ };
+
+ /**
+ * A list of UI Capabilities that should be granted to users with this privilege.
+ * These capabilities will automatically be namespaces within your feature id.
+ *
+ * @example
+ * ```ts
+ * {
+ * ui: ['show', 'save']
+ * }
+ *
+ * This translates in the UI to the following (assuming a feature id of "foo"):
+ * import { uiCapabilities } from 'ui/capabilities';
+ *
+ * const canShowApp = uiCapabilities.foo.show;
+ * const canSave = uiCapabilities.foo.save;
+ * ```
+ * Note: Since these are automatically namespaced, you are free to use generic names like "show" and "save".
+ *
+ * @see UICapabilities
+ */
+ ui: string[];
+
+ management?: {
+ [sectionId: string]: string[];
+ };
+}
diff --git a/x-pack/plugins/features/common/index.ts b/x-pack/plugins/features/common/index.ts
@@ -4,7 +4,9 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
+export { FeatureElasticsearchPrivileges } from './feature_elasticsearch_privileges';
 export { FeatureKibanaPrivileges } from './feature_kibana_privileges';
+export { ElasticsearchFeature, ElasticsearchFeatureConfig } from './es_feature';
 export { Feature, FeatureConfig } from './feature';
 export {
  SubFeature,